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Remarks 

The above Amendments and these Remarks are in reply to the Office Action mailed August 
2, 2004. An appropriate Terminal Disclaimer, together with a Certificate of Ownership is filed 
concurrently herewith. 

L Summary of Examiners Rejections 

Prior to the Office Action mailed August 2, 2004, Claims 1 6, 29 and 57-89 were pending in 
the Application. In the Office Action mailed August 2, 2004, Claims 16, 29, 57-62, 63-68, 72-77 and 
8 1-86 were rejected under the judicially created doctrine of obviousness-type double patenting over 
the claims of U .S. Patent No. 6, 1 58,01 0. Claims 72-80 were rejected under 35 U .S.C. 1 1 2, second 
paragraph, as being indefinite. Claims 72-80 were also rejected under 35 U.S.C. 101 as being 
directed to non-statutory subject matter. Claims 69-71 , 78-80 and 87-89 were rejected under 35 
U.S.C. 102(e) as being anticipated byNessettetal. (U.S. Patent No. 5,968,176, hereafter Nessett). 

H. Summary of Applicants' Amendment 

The present Response amends Claims 69-80 and 87-89, leaving for the Examiner's present 
consideration Claims 16, 29, 57-89. Reconsideration of the Application, as amended, is respectfully 
requested. Applicant reserves the right to prosecute any originally presented or canceled claims 
in a continuing or future application. 

ML Claim Rejections under Double Patenting 

In the Office Action mailed August 2, 2004, the Examiner rejected Claims 1 6, 29, 57-62, 63- 
68, 72-77 and 81-86 under the judicially created doctrine of obviousness-type double patenting over 
the Claims of U.S. Patent No. 6,158,010. An appropriate Terminal Disclaimer, together with a 
Certificate of Ownership showing common ownership for both the current application and U.S. 
Patent No. 6,1 58,010, isfiled concurrently herewith. Applicant respectfully submits that this renders 
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moot the rejection of Claims 1 6, 29, 57-62, 63-68, 72- 77 and 81-86 under the doctrine of double- 
patenting, and reconsideration thereof is respectfully requested. 

IV. Claim Rejections under 35 U.S.C. S 112 

In the Office Action mailed August 2, 2004, Claims 72-80 were rejected under 35 U .S.C. 1 1 2, 
second paragraph, as being indefinite for failing to particularly point out and distinctly claim the 
subject matter which Applicant regards as the invention. The present Response accordingly 
amends Claims 72-80. Applicant respectfully submits that Claims 72-80 now conform to the 
requirements of 35 U.S.C. 112, and reconsideration thereof is respectfully requested. 

V. Claim Rejections under 35 U.S.C. § 101 

In the Office Action mailed August 2, 2004, Claims 72-80 were rejected under 35 U.S.C. 1 01 , 
as being directed to neither a process nor a machine. The present Response accordingly amends 
Claims 72-80. Applicant respectfully submits that Claims 72-80 now conform to the requirements 
of 35 U.S.C. 101, and reconsideration thereof is respectfully requested. 

VL Claim Rejections under 35 U.S.C. S 102(e) 

In the Office Action mailed August 2, 2004, Claims 69-71 , 78-80 and 87-89 were rejected 
under 35 U.S.C. 102(e) as being anticipated by Nessett (U.S. Patent No. 5,968,176). 

Claim 69 

Claim 69 has been amended by the current Response to more clearly define the 
embodiment of the invention therein. As amended, Claim 69 defines: 

69. (Amended) A method for maintaining software application security in a distributed 
computing environment, comprising: 

managing a security policy via a policy manager; and 
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managing, via an application guard, access to securable software application 
components as specified by the security policy; 

wherein the application guard further allows for additional customized code to 
process and evaluate authorization requests in order to access securable software 
application components based on the additional customized code. 

Claim 69, as currently amended, defines a system for managing a security policy via a policy 
manager, and managing access to securable software application components specified by the 
security policy. The application guard further allows for additional customized code to process and 
evaluate authorization requests in order to access securable software application components 
based on the additional customized code. Applicant respectfully submits that these features are 
not disclosed by the cited references. Particularly in the embodiment defined by Claim 58, the 
application guard allows for managing access to software application components. 

Nessett discloses a multilayer firewall system. Nessett apparently discloses a distributed 
firewall system for establishing security in a network of multiple devices, such as remote access 
equipment, routers, switches, repeaters and network cards. A security policy script is provided 
having a syntax that allows translation of the security policy statement into configuration data for the 
protocol and the device type of the node in the network at which the policy is enforced. (Column 7, 
Lines 41-45). The generic term "node" refers to either end systems or network devices. End 
Systems (hosts) are the nodes identified in the policy statements. (Column 8, Lines 1-3). The 
security policy language itself is used to write a set of security policy statements that specify allowed 
activity between end systems. An illustrative rule base and syntax has activities like FTP, Telnet, 
Real Audio and HTTP. (Col 8, Lines 34-55). 

It appears from the above description that, in Nessett the nodes protected by the distributed 
firewall system are devices and end systems (hosts), and that policies are used to protect the 
network and protocol access to these devices. 

However, in the embodiment of the invention defined by claim 69, an application guard is 
provided for managing access to software application components. In accordance with this 
embodiment, the software applications typically run on a host or a device, and the network access 
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to the host occurs first, followed by application access to the software applications running on the 
host. The security access to these software applications and their application components is 
different from the network and protocol access to the hosts on which these software applications 
are running. 

Furthermore, Nessett discloses that each NIC, such as the NIC at the end system 601 
shown in Figure 7, uses the security policy rules to filter packets at the end system, enforcing the 
policy rules so that the end system would not be able to receive any traffic other than FTP. (Column 
23, Lines 20-26). The two examples described with respect to Figure 6 and Figure 7 describe how 
the NICs enforce the network security policy for the host systems in a network. (Column 21 , Line 
54 - Column 23, Line 57). This suggests that, in Nessett, the NICs on the host systems are 
responsible for enforcing the security policies at the network access of the host systems, and that 
there is no support for enforcing any security policies for the software applications and their 
components running on these host systems. Hence, Applicant respectfully submits that Nessett 
does not teach managing access to software application components, as currently defined by Claim 
69. 

In view of the above comments, Applicant respectfully submits that Claim 69 is neither 
anticipated by, nor obvious in view of the cited references, and reconsideration thereof is respectfully 
requested. 

Claims 70, 71, 78-80 and 87-89 

Claims 70, 71 , 78-80 and 87-89 are not addressed separately but it is respectfully submitted 
that these claims are allowable for similar reasons as provided above with respect to Claim 69. 
Applicant respectfully submits that Claims 70, 71 , 78-80 and 87-89 are similarly neither anticipated 
by, nor obvious in view, of the cited references, and reconsideration thereof is respectfully 
requested. 
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It is also submitted that these claims also add their own limitations and features which 
render them patentable in their own right. Applicant reserves the right to argue these limitations 
should it become necessary in the future. 

VII. Conclusion 

In view of the above amendments and remarks, it is respectfully submitted that all of the 
Claims now pending in the subject patent application should be allowable, and reconsideration 
thereof is respectfully requested. The Examiner is respectfully requested to telephone the 
undersigned if he can assist in any way in expediting issuance of a patent. 

The Commissioner is authorized to charge any underpayment or credit any overpayment 
to Deposit Account No. 06-1325 for any matter in connection with this response, 
including any fee for extension of time, which may be required. 



Respectfully submitted, 



Date: 




By: 




Karl Kenna 
Reg. No. 45,445 



FLIESLER MEYER LLP 
Four Embarcadero Center, Fourth Floor 
San Francisco, California 94111-4156 
Telephone: (415) 362-3800 
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